[Openutils-svn] SF.net SVN: openutils: [677] trunk/openutils-hibernate-security/src/main/ java/it/

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 677
          http://openutils.svn.sourceforge.net/openutils/?rev=677&view=rev
Author:   fcarone
Date:     2008-02-21 06:54:07 -0800 (Thu, 21 Feb 2008)

Log Message:
-----------
get all available rules for the given entity

Modified Paths:
--------------
    trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java

Modified: trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java
===================================================================

--- trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java	2008-02-21 14:52:50 UTC (rev 676)
+++ trunk/openutils-hibernate-security/src/main/java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java	2008-02-21 14:54:07 UTC (rev 677)
@@ -7,11 +7,13 @@
 import it.openutils.hibernate.security.filter.utils.SecurityRuleUtils;
 import it.openutils.hibernate.security.services.SecurityRuleManager;
 
+import java.util.ArrayList;
 import java.util.List;
 
 import org.acegisecurity.Authentication;
 import org.acegisecurity.ConfigAttributeDefinition;
 import org.apache.commons.collections.Predicate;
+import org.apache.commons.lang.StringUtils;
 
 
 /**
@@ -45,14 +47,13 @@
     }
 
     /**
-     * {@inheritDoc}
-     * If we return false here, the element will be removed from the original collection.
+     * {@inheritDoc} If we return false here, the element will be removed from the original collection.
      */
     @SuppressWarnings("unchecked")
     public boolean evaluate(Object object)
     {
         List<String> roles = ruleUtils.getRolesFromAuthentication(authentication);
-        List<SecurityRule> rules = securityRuleManager.getRulesForRoles(ruleUtils.getClassName(object), roles);
+        List<SecurityRule> rules = findAllRules(object, roles);
 
         // @todo: this should be configurable
         // denyAll by default
@@ -63,5 +64,22 @@
         return (ruleUtils.checkPermissions(rules, configAttribute) && ruleUtils.checkRules(rules, object));
     }
 
+    @SuppressWarnings("unchecked")
+    // @todo: needs unit test methods
+    private List<SecurityRule> findAllRules(Object object, List<String> roles)
+    {
+        List<SecurityRule> result = new ArrayList<SecurityRule>();
 
+        Class objectClass = object.getClass();
+        while (!objectClass.isAssignableFrom(Object.class))
+        {
+            result.addAll(securityRuleManager.getRulesForRoles(
+                StringUtils.substringBefore(objectClass.getName(), "$$"),
+                roles));
+
+            objectClass = objectClass.getSuperclass();
+        }
+        return result;
+    }
+
 }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.




[Openutils-svn] SF.net SVN: openutils: [677] trunk/openutils-hibernate-security/src/main/ java/it/

[Openutils-svn] SF.net SVN: openutils: [677] trunk/openutils-hibernate-security/src/main/ java/it/openutils/hibernate/security/filter/SecurityRulePredicate.java